The secret to online safety: Lies, random characters, and a password manager

Or, how to go from "123456" to "XBapfSDS3EJz4r42vDUt."

It's time to ask yourself an uncomfortable question: how many of your passwords are so absurdly weak that they might as well provide no security at all? Those of you using "123456," "abc123," or even just "password" might already know it's time to make some changes. And using pets' names, birth dates, your favorite sports teams, or adding a number or capital letter to a weak password isn't going to be enough.

Don’t worry, we're here to help. We’re going to focus on how to use a password manager, software that can help you go from passwords like "111111" to "6WKBTSkQq8Zn4PtAjmz7" without making you want to pull out all your hair. For good measure, we'll talk about how creating fictitious answers to password reset questions (e.g. mother's maiden name) can make you even more resistant to hacking.

Why you can’t just wing it anymore

A password manager helps you create long, complicated passwords for websites and integrates into your browser, automatically filling in your usernames and passwords. Instead of typing a different password into each site you visit, you only have to remember one master password.

Why bother? The algorithms and tools hackers use to crack passwords are becoming ever more sophisticated and powerful, as we explained last year in "Why passwords have never been weaker—and crackers have never been stronger." Even people with no experience cracking passwords can do so with the tools available today. And as Wired's Mat Honan discovered from personal experience, the interconnectedness of online accounts coupled with insecure password reset mechanisms creates gigantic risk. Once a hacker gets into one of your accounts, all of them may be vulnerable.

Too often people reuse a password across even their most important accounts, or use a base word and add a number or symbol for different sites. A weak password can be exposed by so-called "brute-force cracking," in which computers try all possible passwords until the right one is found. “Dictionary attacks” are more common, however. These use lists of millions or even billions of previously cracked passwords. Even worse, there have been numerous examples of vendors practically gift wrapping password information, storing users' passwords in plain text or suffering security breaches that expose cryptographically hashed password data for millions of people.

Even if your password is exposed only in an obscured, "hashed" form, it's vulnerable to hackers converting it to plain text. This is especially true for weak passwords, although we've seen that even relatively strong passwords can be cracked. If a password you use across many sites is exposed in this way, you could see hackers take access of your e-mail, financial accounts, and social networking profiles.

"Passwords are a terrible system. I mean, passwords are awful," said Jeffrey Goldberg, Chief Defender Against the Dark Arts (yes, that's his real title) at AgileBits. His company makes a password management software called 1Password.

So why does Goldberg spend his career helping users manage passwords? As bad as passwords are, no one has come up with anything good enough to replace them across the whole Internet. Goldberg hoped for some 15 years that client certificates (digital signatures to identify users and Web services) would do the trick, but the technological and implementation barriers proved too great.

Two-factor authentication systems combining passwords with a second verification method (like one-time security codes sent to your cell phone) are improving matters, but while they've been adopted by the likes of Apple, Google, and Microsoft, you won't find them on every site you care about. PayPal's top security chief is working on a plan to "obliterate passwords from the face of the planet," but that won't realistically happen any time soon.

"People have been trying to replace passwords for a long time, and they all run into the same handful of fundamental problems," such as challenges in setting up a network of trusted third parties (similar to certificate authorities) to sign user credentials, Goldberg said. Thus, the need for passwords and for users to practice good password security "isn't going to disappear over the next few years." Password managers make a terrible system less terrible in Goldberg’s view.

We recently gave three hackers a list of 16,000 hashed passcodes, and they cracked nearly 90 percent of them. To stay in the safe zone, we recommended that passwords contain a "minimum of 11 characters, contain upper- and lower-case letters, numbers, and letters, and aren't part of a pattern." Password managers will help you create truly random passwords that go well beyond 11 characters.

1Password is one of numerous password management systems. Others include LastPass and KeePass. Now, password managers aren't perfect—there is no such thing as perfect online security in 2013—and they aren't necessarily right for everyone. But if used properly, they would undoubtedly improve security for a large population of people using weak passwords. There may be dozens of websites that you have to log into; without a password manager or some other system, creating strong passwords for each one and remembering them would be a nightmare.

"The way our brain works, most of us, you won't be able to remember completely unique passwords for each and every site," Per Thorsheim, a security expert who organizes the annual PasswordsCon conference, told Ars. "We need some logic, we need something to make our brains able to remember those passwords."

Thorsheim is a user of LastPass. He notes that password managers often rely on cloud-based systems to sync logins across devices, introducing a small risk that criminals could target a single point of weakness by hacking into your password service. But the benefits of a system that creates ultra-strong, unique passwords for each site you visit outweigh this risk. And this risk is small. Your data is encrypted on your own computer before being sent to cloud servers and your master password is never stored by any cloud service. "I trust their encryption scheme," Thorsheim said of LastPass. "I also trust in what I see from AgileBits and others."

Making a password manager part of your routine

I bought 1Password for myself several years ago to help me strengthen my security, particularly for banking and other financial accounts. So let’s look at how to use a password manager with 1Password as an example. Note that this is not an endorsement of 1Password over other systems, as we'll talk about how different password managers offer different approaches.

1Password comes in two parts, a desktop application and a browser plugin that automatically fills your passwords into Web forms such as your e-mail, Facebook, or bank site. 1Password stores all of your passwords in an encrypted file, which can only be accessed with a master password. The first step is choosing a master password that's ultra-strong and that you're capable of remembering. Tips on how to choose a master password are coming (on page 3) but for now, let's look at how 1Password and other password managers integrate into your workflow.

Each time you use 1Password, you'll type in your master password to get started:

Within the application, you'll see the list of sites for which you have saved username and password information. You'll also notice categories like "secure notes" and "wallet," the latter of which is a good place to store credit card information.

If you double-click a site name in that list (underneath where it says "144 items by Title") the website will open in your default browser, and your username and password data will be automatically entered.

Pressing the "Edit" button or double clicking on the right hand side of the 1Password application will bring you into an individual site's entry. Here you can edit username and password data or create a stronger password.

Next to the password field will be a button labeled "Generate." Clicking this will bring you into 1Password's random password generator:

The generator lets you adjust the rules for creating passwords. You can specify lengths from 1 to 50 characters and specify how many digits or symbols should go into the password. It's a good idea to make your passwords as long as possible, although some sites may limit you to 16 characters or some other amount.

You can even choose "pronounceable" passwords, which will give you something like "eck-vor-ev-ig-vin-jo."

The password creator offers no option for "random numbers of digits and symbols," so if you want each password to have different configurations you'd have to change the amount of digits and symbols each time. Goldberg explained that this small concession was made so that 1Password's browser plugin can more easily create passwords to fit the requirements of various sites (e.g. "password must contain at least two symbols and one number").

"The short answer is yes, we lose something here in strength, but when you do the math on realistic examples it turns out to be a small loss," Goldberg said. "The gain is that it is more likely for a generated password to meet the site's requirements on the first shot. Of course, as the kinds of requirements we see in sites changes over time, we might find that we can modify the Strong Password Generator to ditch the 'exactly N digits' business altogether."

(Goldberg discussed some of the more technical decisions AgileBits has made with 1Password in an Ars forum thread last year.)

The above screenshots are from a Mac computer. The Windows version of 1Password looks a bit different, but it operates in a similar manner:

Now, the desktop application isn't the most convenient place to generate and retrieve passwords. That's why 1Password and other password managers come with browser extensions that automatically detect sites in which you might want to save existing passwords or generate new ones.

From the desktop application, click "preferences" and then "browsers" to install the extension in your browser of choice. If you click the extension within the browser, you'll get an interface that’s like a stripped-down version of the desktop one:

Like the desktop application, the extension provides a list of websites for which you have accounts:

And a password generator:

When you navigate to a site for which you have a saved login, clicking the browser extension will provide the option of filling the login fields. You can also take this opportunity to generate a stronger password for that site if you haven't already. If you navigate to a site for which you don't have password data saved, 1Password will (most of the time) offer to save it or help generate a new password.

The desktop application does allow you to copy passwords to your computer's clipboard and then manually paste them into a website form (using Control-V on Windows or Command-V on Mac.) By default, the password only remains in the clipboard a short period of time, such as 90 seconds. However, 1Password officials say it's more secure to let the browser extension fill in the data automatically to protect yourself from keylogging malware that reads keystrokes or text from the clipboard. You must always type your master password—do not store it in a file and copy and paste it—but 1Password uses a "secure input mode" to protect your master password from keyloggers by preventing applications from observing your typing. In the event your 1Password data file is stolen, AgileBits uses PBKDF2 technology to increase the amount of time it takes to run automated password guessing programs, making them impractical.

"Given how known keyloggers work, 1Password protects against them," Goldberg said. "This is all a bit of an arms race between password managers and keyloggers. Even though the good guys are ahead today, this is a game that is stacked against us in the long run. I think that the only reason that we remain in the lead is that the keylogger writers are content to keep their keyloggers simple at the cost (to them) of not getting the passwords from people who use well designed password managers."

Whether you use a password manager or not, the existence of keyloggers that can read passwords as you type them is just one more reason to practice good desktop security, using antivirus software and keeping your PC up to date with all the latest security fixes.

Not only is the mobile experience bad, the desktop doesn't work that well either. Login forms tend to be on the front page of websites, and use fancy Javascript to show/hide the login box, which breaks the plugin. Also, the pages occasionally get redesigned in a way that hides the username/password from the browser plugin. You can re-save the password, but then you have to go in and manually copy over any extra data (i.e. security questions) that are saved in the entry. At this point (~2 years) less than half of the websites I visit regularly have functional auto-fill. Note: this applies to KeePass+KeeFox. I'm not sure about the other programs

Doesn't keepass2 on win support autotype natively without an extension? and I've only encountered one website (paypal) that breaks, and that's only with the most recent overhaul of their design

Yes it does, at least on Windows. Ctrl-Alt-A calls KeePass, and autofills if you've already logged into KeePass. If you aren't logged in, you get a log-in prompt first. If the log-in screen matches multiple entries in your KeePass database, it gives you a nice list of accounts to choose from.

I had a couple bad experiences with this version of autotype, where "username"-tab-"password" didn't work, and it ended up typing my password in some random spot (the search box, for example), and then hitting "enter" automatically.

But maybe these problems have been fixed in the latest version, I just haven't noticed.

A password manager only works if you use it, and I couldn't commit to the user experience of a password manager until I found Dashlane. I feel Dashlane deserves a mention in this article, since it certainly compares to 1Password, LastPass and company.

Dashlane Dashlane provides a smart (and easy-to-use) cross-platform desktop app paired with great browser plugins and mobile apps for iOS and Android. Fully-encrypted syncing is built in (not a 3rd-party function), with the only key tied to your master password. Your private data can only be decrypted locally, with 2-step verification for any new devices. The company recently moved to a more mature business model of $20/year for synced service between 2 or more devices, but your first device is still a free place to start.

I've used Dashlane for a year and appreciated it as a brand new password manager built around secure syncing and a great application/plug-in experience. They are steadily improving their service and I'm impressed at how efficiently they respond to bugs and suggestions.

Unfortunately, Dashlane is now more expensive than LastPass or 1Password. Still, none of the other managers give me everything I want. I prefer a dedicated app (easier to maintain than a browser-based solution), built-in syncing (less worrisome than 3rd-party patches) and a good-looking easy-to-use UI (easier to learn and troubleshoot for the less technically-inclined).

Check it out!

I totally agree with you, for me Dashlane is the best password manager and deserved to be in this article.They gave to beta testers "FREE secure cloud backup and sync to multiple devices FOR LIFE" =)

Decentralization: Because decryption only happens client side (and the password file may in fact never leave the user's system at all depending on the manager in question), there is no central target. Hacking into a site can mean instantly getting a file with hundreds of thousands to millions of accounts. Hacking into every one of those hundreds of thousands to millions of machines (or even finding them at all) is a bit more work, particularly as they won't tend to actually be running public network services.

And of course, if someone breaks into your machine specifically and gets root then having a password manager causes no particular harm since they can just snarf everything you type anyway.

Guaranteed security practices: if every single site followed normal best practices then this whole conversation would be moot since leaks wouldn't matter. The whole problem is that they don't. In contrast a password manager can get it right and in turn be secure. In principal a password manager can also secure itself beyond what sites will use, via multifactor authentication for example (although sadly I don't think any of them get this right and 1Pass doesn't at all for reasons mentioned in the article's linked thread).

Better security model: within the scope of using passwords at all, it's better to have a really good one and to not reuse it anywhere where it'll be stored insecurely. Almost no one can remember a good different password for every single site they visit. Having a single very good password that is only ever entered client side and never broadcast is much more doable, and in turn more secure and easier in practice.

Provides an abstraction layer: in the future, a site may change to improve its security practices (for example by offering a way to enter a full hash). A password manager could make it easier for users to automatically take advantage of that.

A password manager is just a vastly better way as long as we live in a world with passwords.

Quote:

Once they have a viable attack on the password manager, they are going to have a comprehensive list of your account credentials. That means all of your accounts, not just one.

Yeah if they get root on your system then you are pwn3d, what an amazing observation.

Quote:

The reality is that the security has to be managed by the site in cases like this,

Not entirely, no.

Quote:

and about the only thing that you can do to protect yourself is to use different passwords for different services

And you're going to remember all those different passwords for dozens/hundreds/thousands of services how? How closely have you thought about this?

Quote:

The worse thing that you can do is open up additional vectors for attackers, which is essentially what a password manager is.

Nope. If step one of an attack is "get root on the client's machine" then it's still pretty much the same vector.

I can tell you exactly what will happen if password managers become commonplace: hackers will start focussing their attacks on the password managers.

We already do. But password managers are designed properly and securely. Even with the current version of 1Password, which has a design flaw in the way the master password is hashed, we still cannot attack it very easily, nor enthusiastically.

With the current version of 1Password, we can only pull about 3 MH/s using four GPUs. This is roughly the same speed as cracking raw sha256 on a single CPU core without the aid of SSE.

So while it may not be as slow as they would have liked, it's still pretty damn solid. And the next version of 1Password has even stronger master password protection.

such as challenges in setting up a network of trusted third parties to handle authentication

means since there should be no third parties involved with authentication and none are necessary beyond the initial SSL connection, but the sentiment that most sites are lazy is unfortunately quite correct.

In the scenario that part of the article discusses, the third parties would be similar to certificate authorities.

There's no need for that though since a site can be its own certificate authority. While I guess plenty of services understandably argue that you should lock yourself into their wares, it remains true that there is absolutely zero need for any third party beyond the initial connection (and even that doesn't have to be central either if a WoT scheme is used).

Not only is the mobile experience bad, the desktop doesn't work that well either. Login forms tend to be on the front page of websites, and use fancy Javascript to show/hide the login box, which breaks the plugin. Also, the pages occasionally get redesigned in a way that hides the username/password from the browser plugin. You can re-save the password, but then you have to go in and manually copy over any extra data (i.e. security questions) that are saved in the entry. At this point (~2 years) less than half of the websites I visit regularly have functional auto-fill. Note: this applies to KeePass+KeeFox. I'm not sure about the other programs

Doesn't keepass2 on win support autotype natively without an extension? and I've only encountered one website (paypal) that breaks, and that's only with the most recent overhaul of their design

Yes it does, at least on Windows. Ctrl-Alt-A calls KeePass, and autofills if you've already logged into KeePass. If you aren't logged in, you get a log-in prompt first. If the log-in screen matches multiple entries in your KeePass database, it gives you a nice list of accounts to choose from.

I had a couple bad experiences with this version of autotype, where "username"-tab-"password" didn't work, and it ended up typing my password in some random spot (the search box, for example), and then hitting "enter" automatically.

But maybe these problems have been fixed in the latest version, I just haven't noticed.

Also since this is relevant to the topic I just found out keepassx development started up again, they seem to be doing a complete rewrite for v2 (compatible with keepass v2 databases) https://www.keepassx.org/news

I agree it's not ideal, but if you look closely at the login popup there is a link to the standalone login form. We're definitely open to changing it, but the popup login does offer some convenience IMO. Perhaps with a bit of tweaking we can get the password managers working better with the popup.

The problem isn't that the JavaScript popup doesn't work today. It works fine with KeePass. But will it work after the next site redesign? And the one after that? My saved Ars login (a forum login from several years ago) did not work automatically with either the JavaScript popup or the current https login page, and the page it pointed to no longer exists. If I have 120 Web passwords (a reasonable estimate), and sites redesign in a breaking way every 2 years, I will have 5 passwords per month that quit working - which gets annoying really fast. And explains why auto-type on most of my passwords is currently broken.[Edit: spelling]

The reality is that the security has to be managed by the site in cases like this, and about the only thing that you can do to protect yourself is to use different passwords for different services (and to minimize how much the site knows about other services that you may use). The worse thing that you can do is open up additional vectors for attackers, which is essentially what a password manager is.

What I do is remember different password "tiers". I usually have 5 passwords memorized at any time, in increasing orders of complexity.

I use the lowest complexity password for sites I plan to only use once and then forget about (or accounts that I share with people I don't particularly trust, which is necessary at times). I use the password "drowssap" in this case. I seriously don't care who knows that.

The next lowest for sites that I use occasionally, but wouldn't give a flying frak about if they were compromised, usually because the damage that could be done is minimal (like this site). I use a simple 8 char alpha-numeric pass for this tier.

I use the middle tier for things which I care about somewhat, but wouldn't be the end of the world if they were compromised (such as a loss of (non critical) data, or game items, etc.). For this tier I use a 10 char alphanumeric plus symbol pass.

I use the second highest tier for things like PayPal, bank accounts, etc. Basically anything that if compromised could cost me actual money. Unlike the tiers below this, if any of the accounts in this tier get compromised, I change the passwords of all of them. In lower tiers, if the password is compromised (and I actually care), I just change the password of the account which was compromised. This is because it's unlikely (or not worthwhile) for the attacker to follow sideways in those tiers to other accounts. For this tier I use a 12+ char randomly generated alphanumeric + symbol pass. Adds difficulty to remembering, but makes it harder for pattern attacks to work.

Finally, I use the highest tier solely for my email account. This is because, with access to the email account, one can trivially obtain any other password. For this I use a 30+ character pass phrase.

This setup has worked well for me, and has survived two site database leaks (that I know of). It is quite secure, and most importantly I can actually remember all of the passwords involved.

On another topic, I hate when sites enforce specific complexity requirements, like "The password must contain a lower case letter, upper case letter, and a number." (Like ars.) The password "hVn@hI(;v$Xpg", which I just randomly typed, is quite secure, but would not meet those requirements, because it doesn't have a number. You should analyze the overall complexity, based on length, search domain, use of common words, symbol/number -> letter substitution, etc. Arbitrary requirements that don't actually add security, but sometimes prevent people from using a secure password they have memorized, are annoying as hell. Whenever that happens to me, I usually end up using a less secure password, not more. (Or just adding a 1 or etc. to the end of the (secure) password I was originally going to use, and then forget about that a couple months later and have to reset my password.)

I know that Jon briefly touched on this is the story, but I'd like to know more about Firefox Sync as a password management alternative. Wouldn't this be relatively secure combined with a random password generator? What kind of encryption algorithms does Firefox use to keep your passwords safe?

I used to have a piece of paper in my wallet, but it just got out of hand - everyone wants passwords whether there is a need on that site or not.

Now I use Password Safe. It was mentioned in the article, but what wasn't mentioned is it's a stand-alone program. I can have my safe on my PC, and it doesn't send anything to the web. I have a copy of it in my pocket as well, on a USB key, so I can use it on a work PC. Its weakness, not syncing passwords across the Internet, is also its strength - I know that my passwords are not stored on some web server somewhere and potentially susceptible through that.

At the risk of being cheeky, here's the solution I cobbled together from reading lots of these articles on Ars and elsewhere, and some creative thinking. Your (constructive only!) criticism is solicited:

First, I create and memorize a random string of characters. This has some uppercase, lowercase, numbers, and symbols. It's 6 characters long, which seems a decent balance between complexity and usability.

Then, I take that random string and use it as an infix in the site name to create the password. So for ArsTechnica, the password is ars[randominfix]technica. This particular password is 17 characters long. For sites like eBay, the password is "only" 10 characters.

So far as I can tell, this neatly solves the three needs of passwords: Be unique for each site, be easy to remember (and easy enough to type), and be long and random enough to be difficult to crack if stolen.

It's not perfect, of course. A dedicated attacker with one of my passwords would probably guess what I'm doing and apply it to other sites. But that requires an attack directly on me, not on [me as one of millions of hacked users]. And I think that, for the way I use the internet, it's secure enough. I don't have a third-party car alarm, bars on my house windows, or $100 padlocks on my bikes, because the "normal" locks and alarms are enough. This is my digital equivalent of "enough".

It's not that I don't trust password managers, and I may yet be convinced to use one. I just don't see how they offer much improvement on what I've been doing.

Interesting that one of the rumors about the next iPhone relates to a fingerprint scanner. If Apple came up with a password manager that iCloud synced (securely) between my Mac OS X box and iOS devices, and did two-factor authentication involving both a strong master password AND biometrics (say thumbprint, or even thumbprint PLUS facial recognition via iSight cameras for triple-factor), that would be kind of cool.

I've been a user and believer in LastPass since Steve Gibson evangelized it on Security Now in 2010. It makes it super simple to have 100+ char passwords on sites where security really matters. Prior to that I used 1Password, which didn't have much multi-platform support at the time. But I think both products are well developed and would not live without my LastPass.

When writing things on a piece of paper you can easily obfuscate the content. Here's an example:

Say I have a bank account number I want to record. Randomly I insert a telephone number I'd instantly recognize such as my home phone growing up. Those extra 10 digits don't all have to be in one string either. I could put the area code in one place, include 3 or 4 real digits then finish the number. The final 7 numbers are so obvious my eye will lock in on them. Then I know to look for (and remove) the area code.

Of course, one need not use only telephone numbers. Meaningful dates, addresses, etc. can all be used as stuffing.

Of course, if you're a super nerd you can reorder the characters according to some sequence you'll remember. I prefer Pascal's triangle because, well, nobody ever gives it any love. However, Fibonacci's sequence works just as well. When doing that I cycle around rather than pad with a huge number of bogus characters - it just saves space.

And yes, I've carried my bank account info, logins, etc. obfuscated in such a way in my wallet since people were still trying things out like the "Information Superhighway" or "Infoban" until everyone finally settled on "Internet"

Complex passwords are great, until you have to enter them on a mobile device

The passwords for all the sites I sometimes use away from home are significantly weaker than the random throwaway sites I just toss into KeePass (and then, naturally, my bank password is mandated to be even weaker). It's a problem.

Yeah, I wish it were possible to mount a phone as a bluetooth keyboard and have KeePass auto-type a password into the bluetooth keyboard. With some smart clipboard-typing-backspace chicanery, it might also fool rudimentary keyloggers.

At the risk of being cheeky, here's the solution I cobbled together from reading lots of these articles on Ars and elsewhere, and some creative thinking. Your (constructive only!) criticism is solicited:

First, I create and memorize a random string of characters. This has some uppercase, lowercase, numbers, and symbols. It's 6 characters long, which seems a decent balance between complexity and usability.

Then, I take that random string and use it as an infix in the site name to create the password. So for ArsTechnica, the password is ars[randominfix]technica. This particular password is 17 characters long. For sites like eBay, the password is "only" 10 characters.

So far as I can tell, this neatly solves the three needs of passwords: Be unique for each site, be easy to remember (and easy enough to type), and be long and random enough to be difficult to crack if stolen.

It's not perfect, of course. A dedicated attacker with one of my passwords would probably guess what I'm doing and apply it to other sites. But that requires an attack directly on me, not on [me as one of millions of hacked users]. And I think that, for the way I use the internet, it's secure enough. I don't have a third-party car alarm, bars on my house windows, or $100 padlocks on my bikes, because the "normal" locks and alarms are enough. This is my digital equivalent of "enough".

It's not that I don't trust password managers, and I may yet be convinced to use one. I just don't see how they offer much improvement on what I've been doing.

The problem with that is the site name is assumed to be one of the words in the dictionary. So ars2kds&3technica isn't any stronger than e2kds&3bay. Both are essentially 8 characters long. And worse, should someone brute force your password from a compromised site your random string will get added to their dictionary. Then your password is only 2 or 3 "letters" long in their next crack.

The problem with that is the site name is assumed to be one of the words in the dictionary. So ars2kds&3technica isn't any stronger than e2kds&3bay. Both are essentially 8 characters long. And worse, should someone brute force your password from a compromised site your random string will get added to their dictionary. Then your password is only 2 or 3 "letters" long in their next crack.

True, but are the "peices" of the site name in the dictionary used for the attack? This is why it's an infix instead of a pre- or post- fix.

And do all bits of all passwords get added to dictionaries for future attacks? Wouldn't that make the dictionaries so long as to be no longer a shortcut to brute force? I was under the impression that dictionaries were compiled from lists of most common passwords. Thus, finding a random string infix to one person's password on a site would not cause that string to be looked for in future attacks. Right?

At the risk of being cheeky, here's the solution I cobbled together from reading lots of these articles on Ars and elsewhere, and some creative thinking. Your (constructive only!) criticism is solicited:

First, I create and memorize a random string of characters. This has some uppercase, lowercase, numbers, and symbols. It's 6 characters long, which seems a decent balance between complexity and usability.

Then, I take that random string and use it as an infix in the site name to create the password. So for ArsTechnica, the password is ars[randominfix]technica. This particular password is 17 characters long. For sites like eBay, the password is "only" 10 characters.

So far as I can tell, this neatly solves the three needs of passwords: Be unique for each site, be easy to remember (and easy enough to type), and be long and random enough to be difficult to crack if stolen.

It's not perfect, of course. A dedicated attacker with one of my passwords would probably guess what I'm doing and apply it to other sites. But that requires an attack directly on me, not on [me as one of millions of hacked users]. And I think that, for the way I use the internet, it's secure enough. I don't have a third-party car alarm, bars on my house windows, or $100 padlocks on my bikes, because the "normal" locks and alarms are enough. This is my digital equivalent of "enough".

It's not that I don't trust password managers, and I may yet be convinced to use one. I just don't see how they offer much improvement on what I've been doing.

The problem with that is the site name is assumed to be one of the words in the dictionary. So ars2kds&3technica isn't any stronger than e2kds&3bay. Both are essentially 8 characters long. And worse, should someone brute force your password from a compromised site your random string will get added to their dictionary. Then your password is only 2 or 3 "letters" long in their next crack.

Indeed. Worse still, the site name (and variants thereof) are the first thing any serious hacker will add to their dictionary. I think the best thing to keep in mind about passwords (and that's quoted in the article) is:

Quote:

The strength of a password creation system is not how many letters, digits, and symbols you end up with, but how many ways you could get a different result using the same system.

No matter how clever or obscure you think your system is, this advice stands.

The problem with that is the site name is assumed to be one of the words in the dictionary. So ars2kds&3technica isn't any stronger than e2kds&3bay. Both are essentially 8 characters long. And worse, should someone brute force your password from a compromised site your random string will get added to their dictionary. Then your password is only 2 or 3 "letters" long in their next crack.

True, but are the "peices" of the site name in the dictionary used for the attack? This is why it's an infix instead of a pre- or post- fix.

And do all bits of all passwords get added to dictionaries for future attacks? Wouldn't that make the dictionaries so long as to be no longer a shortcut to brute force? I was under the impression that dictionaries were compiled from lists of most common passwords. Thus, finding a random string infix to one person's password on a site would not cause that string to be looked for in future attacks. Right?

Not a professional hacker but I've been reading closely. Hackers "start" with vanilla dictionaries. They add to them as they go. There was a revealing quote in the recent article with the list that got 90% hacked that during a hacking run they look at the successful decodes to figure out what they're looking at. If they didn't already know what site they were hacking from they would from the 1000's of 'ars' and 'technica's that showed up. Bing! Add them.

Depending on the rule set being used any dictionary element can be combined in any order with any other dictionary element as well as a brute force combined at every location up to a certain depth. Your 6 random characters aren't a very deep brute force attack so it's not out of the question it could fall to one such attack.

I'm quite certain that hackers build their dictionaries over time. A quote in one of the recent articles basically stated that the guy would brute force a certain number of hashes that otherwise resisted the combined dictionary/brute force attacks. The only reason to spend the resources on that is to identify patterns, word choices, etc. that can be analyzed to build newer rule sets and dictionaries.

At the risk of being cheeky, here's the solution I cobbled together from reading lots of these articles on Ars and elsewhere, and some creative thinking. Your (constructive only!) criticism is solicited:

First, I create and memorize a random string of characters. This has some uppercase, lowercase, numbers, and symbols. It's 6 characters long, which seems a decent balance between complexity and usability.

Then, I take that random string and use it as an infix in the site name to create the password. So for ArsTechnica, the password is ars[randominfix]technica. This particular password is 17 characters long. For sites like eBay, the password is "only" 10 characters.

So far as I can tell, this neatly solves the three needs of passwords: Be unique for each site, be easy to remember (and easy enough to type), and be long and random enough to be difficult to crack if stolen.

It's not perfect, of course. A dedicated attacker with one of my passwords would probably guess what I'm doing and apply it to other sites. But that requires an attack directly on me, not on [me as one of millions of hacked users]. And I think that, for the way I use the internet, it's secure enough. I don't have a third-party car alarm, bars on my house windows, or $100 padlocks on my bikes, because the "normal" locks and alarms are enough. This is my digital equivalent of "enough".

It's not that I don't trust password managers, and I may yet be convinced to use one. I just don't see how they offer much improvement on what I've been doing.

I used to do something similar, but the ease with which an attacker could deduce what you are doing once one password is compromised makes having unique passwords based on this kind of a system useless. And i wouldn't depend on the notion that the sheer number of exploited users would mean nobody will look at your password very closely.

If you want to keep doing something like this, at the very least obfuscate what you are doing. Convert the first six letters of the domain to numbers, multiply them by a number that is meaningful to you (your birth month for example), add your full birth year, then divide by your birth day. Take the first two digits that are less than 26 (i.e. if you arrived at 327569, your number would be 25) and convert them back to a letter and capitalize it if it is even. Split the number at the first odd number and put the first part before your random infix, and the second part after. Now that would be a relatively strong password that would not be easy to brute force, and wouldn't be easy to deduce for a separate site should one site be compromised. Of course, every time to have to log in somewhere, you are going to be scribbling furiously to recreate your password. But it is something you can recreate even if you can't remember it.

I've been using some form of password manager for 3+ years now and largely it solves many of the major issues... but it also introduces a number of others (particularly if you use it for everything, not just websites).

The largest annoyance has to be porting passwords over to devices that the manager cannot directly interact with. Create a significantly complex password for your Netflix account, and then want to watch streams on your PS3/Xbox360/TV/Blu-ray player? Not very fun, particularly on hardware that use input devices (like remote controls) that require hitting a key 10 times to get the right character to begin with (or your generated password has a character you can't even input.)

Also significant annoyances to be found when you in a location where you do not have access to a device that is storing your database... or the situation I find I always encounter... when I need access to something in an "emergency", but I only have direct access to a non-secure device (someone else's equipment). Granted using a non-secure device is a risk either way, but it becomes a risk of exposing one password vs. possibly exposing every password.

You are *probably* creating more security by using a password manager... though its important to note you might be creating a false sense of security as well. I can think of a least one big "online" name that stores whatever you give them in case-insensitive format (with no indications this is happening), so much of your complexity just went out the window, along with any perceived gains in security. Not to mention those sites which have very poor password handling to begin with (too short, not enough allowed characters classes, etc.). I even encountered one financial company (shame shame on them) who would let you save a sufficiently complex password, but then their login form wouldn't accept enough characters to actually login with it (sure was the fun of trying to explain this to them to get the password reset).

All that, and then you now need the expertise to make sure whatever is storing your database is secure. Yes, I realize that if someone has local access it is probably already too late, but if you are only storing it locally in one location, you've got other issues... you have to offload it at some point to backups. How do you keep those backups secure? If you are using a "cloud based" storage how are you managing the password for that service? Do you have a plan in place if any of those are somehow breached?

And finally, once you get all the kinks worked out, and you are using all these wonderfully complex passwords everywhere, you have to ensure you are not complacent in frequently changing your master password.

I started using LastPass a few years ago and really like it. This is something that I tend to drone on and on about but it is because it has become trivially easy to crack passwords that most people use. Your password has to be long, as anything less than 8 characters can be brute forced in less than a day... millions can be done in minutes. If you have a password that is less than 8 characters, it needs to be changed now. Right now. Not tomorrow, not next time you log on but now. It needs to use caps, lowercase, numbers and symbols. It has to be longer than 8, the longer the better; but it also needs to be random.

With so many high profile security breaches, hackers have been able to take these lists of millions of passwords and effectively reverse engineer them to learn how people think of/create their passwords. Things like replacing 'a' with '@' or 'o' with '0' are so common that rules are written into the password crackers to take advantage of these patterns. Adding number to the beginning and end are also patterns that people use. There are thousands of patterns that have been identified and written into password cracking programs that will make short work of your 16 character password if it isn't as random as you think it is.

When you have millions of examples it starts to become much easier to pick out the patterns that people use; we like to think that we are being clever and that no one would ever in million years guess THIS particular password but that isn't the right way to think of it... if anyone of those millions of people that use popularSite.com think just like you do then there is a pattern. And if there is a pattern then your password has been rendered useless.

It really needs to be random and people are terrible at coming up with random. It just isn't the way that the human brain is wired.

I use KeePass, and actually prefer the disconnect between the password manager and my browser. Could just be paranoia talking, dunno.

However, beyond that, I use KeePass to store my answers to the ID questions. Thus, "What is the name of your first pets?" gets answers like "Zdnam1%$dPmLZh4". I have gotten odd responses over the phone before; I think it was my bank that used your personal ID questions for phone actions as well.

I've never considered randomizing my usernames, though.

One thing I've just started doing (because I didn't know about it) is using GMail's ability to add random stuff to your email address (e.g. if my email is example@gmail.com, my Ars email might be example+ars@gmail.com) and still receive it. I don't know that it really helps security, but it does help me figure out where mail is coming from, and it can't hurt.

Related to the email thing, though, are sites that require you to use your email as your username. Not much you can really do about that; a semidetermined black hat would probably quickly filter out +, @, and everything between to get valid email addresses.

I've done the nonsense answer thing for a while with my benefits reminder Q&A at work for years. Best is when they let you enter your own question freeform -- that way you can enter a question that you can be sure someone will "know" the answer two and frustrate them with an answer that is a complete non-sequitur. For example: "What is the average airspeed of an unladen swallow?" makes for a fine question -- as long as the answer has absolutely NOTHING to do with Monty Python.

Random misdirection is one thing -- but a question that leads would be hackers down an entirely wrong path is altogether more fun.

The problem, though, is having people that NEED access to your accounts can get stymied as well, if you aren't careful.

Well, in this case it's only me who would need access; it's for when/if I need to change my insurance plan during the yearly enrollment window. If others for some reason needed access, I'd be able to tell them the answer from memory -- it is *such* a random non-sequitur that when it popped up a couple years ago, I immediately remembered that the answer was 1) not what it seemed and 2) a couple moments later "oh yeah, that!" after a quick rehash of my though processes when setting it up.

And, shamefully, I see it's my first Editor's Pick ever and I have the infamous too/two error in it. Pardon me whilst I go find a paper bag with which to hide my face.

One thing I've just started doing (because I didn't know about it) is using GMail's ability to add random stuff to your email address (e.g. if my email is example@gmail.com, my Ars email might be example+ars@gmail.com) and still receive it. I don't know that it really helps security, but it does help me figure out where mail is coming from, and it can't hurt.

One thing I've just started doing (because I didn't know about it) is using GMail's ability to add random stuff to your email address (e.g. if my email is example@gmail.com, my Ars email might be example+ars@gmail.com) and still receive it. I don't know that it really helps security, but it does help me figure out where mail is coming from, and it can't hurt.

Wut? Really? That's cool.

(runs off to try it.)

I wouldn't rely on it for security but I have found it useful to be able to tell where someone got my email from.

It works Nephilim2038 but many sites wont let you use it as it is 'not a valid email address'. Many only let you use either a period or an underscore.

I thought I'd use that to whitelist my emails and reject any that are obviously not from the signed up site. Obviously the site would be also rejected. After attempting many sites I just gave up and used my email.

It is now coming back to bite me; I'm getting spam for the first time in gmail inbox after (when did they first send out invites? Heck! 2004.) 8 years.* A year ago I was boasting I never even noticed spam in the spam folder.

Any suggestions what to do now that I've made the mistake wrt usernames and email addresses? I would rather not abandon this account.

* I know, it is 9 years since it began; I wasn't an early bird. More like the second wave or something.

Good advice. I have been using a password manager for several years and currently have several hundred unique passwords for all sites.

One point to stress is the longer the password the less likely brute force will crack in any reasonable time frame, say 1 month.

A couple advantages of a password manager is each site has its own unique password and each is gibberish. There is no possibility of cracking my ars password and having any idea what my banking password is. Also, if a site gets hacked only one password needs to be changed. With random gibberish for each password the hackers can not use a dictionary attack so it is brute force. Currently I am using very long passwords (much long than 16 characters) so brute force will take some time.

The only real weakness of a password manager is the possibility of someone hacking your computer and gaining access to the password file. As has been pointed out most people are not likely to be deliberate targets of such an attack and hackers what quick access to large numbers of bank accounts and credit cards.

Somethings that I think are important to note about LastPass (and may exist in 1Password, but I haven't tried it, so I don't know):

1) It provides you the ability to enter your passphrase via a virtual keyboard, to minimize the risk when you're on a non-secure public computer2) It additionally provides a mechanism for one-time-only passwords that replace your passphrase to additionally minimize the risk when you're on a non-secure public computer3) It supports Google Authenticator for 2-factor authentication (which I appreciate quite a bit).

These tipped me over the edge and have made me really impressed with the amount of thought put into the password management systems available.

I would never, never, never, never, NEVER use LastPass or any other password manager on a "non-secure public computer". Unless you have a death wish. This is an AWFUL idea.

Yeah, I wish it were possible to mount a phone as a bluetooth keyboard and have KeePass auto-type a password into the bluetooth keyboard. With some smart clipboard-typing-backspace chicanery, it might also fool rudimentary keyloggers.

Actually, David Weinstein and Andrey Belenko from Via Forensics will be presenting a talk at Passwords13 Las Vegas called "Stronger Identity Protection via Mobile Devices", which will be about turning an Android phone into a "password typing" device that acts similarly to YubiKey but is not constrained to a single password. They will also show how "on-device password managers can be integrated with this feature to provide a very convenient and familiar UX."

The KeePass vault file (which stores the passwords) lives in Dropbox and gets auto-synched between all the devices whenever it changes.

But here's the magic part: I don't use an ordinary master password. I use KeePass's feature for _compound_ master credentials. I have a strong password and a "key file", which consists of 187 bytes of random data (KeePass includes a tool for creating the key file). The password and the key file together constitute the encryption key needed to decrypt the password vault file.

I synch the password vault via Dropbox but manually load the key file onto my devices with local file transfers. The key file doesn't get synched via the same mechanisms as the password vault. Because the key file doesn't change, it doesn't need to be regularly synched; a manual setup once per device isn't much of a hassle.

So, even if Dropbox suffers a catastrophic data breach and hackers are able to download every single *.kdb and *.kdbx file stored on Dropbox's servers, it's unlikely that they will ever be able to brute force the combined credential of a strong password + 187 random bytes. To crack my password vault, you would need to compromise one of my devices to obtain the keyfile (in which case my credentials are toast anyway since the baddies could use a key logger) and _then_ they could start trying to brute force the actual strong password. So I'm not vulnerable to a compromise in the synchronisation service backend.